URL: http://blackoxide.epi.com/?gclid=CjwKCAjw0qOIBhBhEiwAyvVcfxId9xJSempp8ZAVF9xc5tAKNhTlduGbIw_r_2Qa4INLcFvACt0j3xoCDS8QAvD_BwE
Submission: On August 03 via api from US

Summary

This website contacted 8 IPs in 3 countries across 9 domains to perform 14 HTTP transactions. The main IP is 157.55.194.28, located in San Antonio, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is blackoxide.epi.com.
This is the only time blackoxide.epi.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 157.55.194.28 8075 (MICROSOFT...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2606:2800:234... 15133 (EDGECAST)
2 52.239.158.138 8075 (MICROSOFT...)
2 44.240.196.88 16509 (AMAZON-02)
1 2 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 104.244.42.136 13414 (TWITTER)
14 8
Requests  Domain                                   Requested by
4         blackoxide.epi.com                       blackoxide.epi.com
2         www.google-analytics.com (1 redirect)    blackoxide.epi.com
2         app.leadsrx.com                          blackoxide.epi.com, app.leadsrx.com
2         landerstorage.blob.core.windows.net      blackoxide.epi.com
2         platform.twitter.com                     blackoxide.epi.com, platform.twitter.com
1         syndication.twitter.com                  platform.twitter.com
1         www.google.de                            blackoxide.epi.com
1         www.google.com (1 redirect)              -
1         stats.g.doubleclick.net (1 redirect)     -
1         ajax.googleapis.com                      blackoxide.epi.com
14        10

This site contains links to these domains.

Domain
www.epi.com
eepurl.com
www.youtube.com
Subject                   Issuer                             Validity                   Valid
*.google-analytics.com    GTS CA 1C3                         2021-07-12 - 2021-10-04    3 months (crt.sh)
*.twimg.com               DigiCert TLS RSA SHA256 2020 CA1   2020-11-05 - 2021-11-09    a year (crt.sh)
www.google.de             GTS CA 1C3                         2021-06-28 - 2021-09-20    3 months (crt.sh)
syndication.twitter.com   DigiCert TLS RSA SHA256 2020 CA1   2021-02-05 - 2022-02-04    a year (crt.sh)
*.leadsrx.com             GeoTrust RSA CA 2018               2020-03-26 - 2022-04-13    2 years (crt.sh)

This page contains 2 frames:

Primary Page: http://blackoxide.epi.com/?gclid=CjwKCAjw0qOIBhBhEiwAyvVcfxId9xJSempp8ZAVF9xc5tAKNhTlduGbIw_r_2Qa4INLcFvACt0j3xoCDS8QAvD_BwE
Frame ID: 1CCD55B294623DADD731334B661CB417
Requests: 12 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.f88235f49a156f8b4cab34c7bc1a0acc.html?origin=http%3A%2F%2Fblackoxide.epi.com
Frame ID: 9D120C6C01F850EF01F8E118B4B4A05A
Requests: 2 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Overall confidence: 100%
Detected patterns
  • script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

14
Requests

36 %
HTTPS

60 %
IPv6

9
Domains

10
Subdomains

8
IPs

3
Countries

244 kB
Transfer

635 kB
Size

7
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8
  • http://www.google-analytics.com/ga.js HTTP 307
  • https://www.google-analytics.com/ga.js
Request Chain 10
  • http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1187658736&utmhn=blackoxide.epi.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Kool%20Black&utmhid=2110742310&utmr=-&utmp=%2F%3Fgclid%3DCjwKCAjw0qOIBhBhEiwAyvVcfxId9xJSempp8ZAVF9xc5tAKNhTlduGbIw_r_2Qa4INLcFvACt0j3xoCDS8QAvD_BwE&utmht=1628021266722&utmac=UA-531711-1&utmcc=__utma%3D93021518.2030053969.1628021267.1628021267.1628021267.1%3B%2B__utmz%3D93021518.1628021267.1.1.utmgclid%3DCjwKCAjw0qOIBhBhEiwAyvVcfxId9xJSempp8ZAVF9xc5tAKNhTlduGbIw_r_2Qa4INLcFvACt0j3xoCDS8QAvD_BwE%7Cutmccn%3D(not%2520set)%7Cutmcmd%3D(not%2520set)%3B&utmjid=1128079506&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ HTTP 307
  • https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1187658736&utmhn=blackoxide.epi.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Kool%20Black&utmhid=2110742310&utmr=-&utmp=%2F%3Fgclid%3DCjwKCAjw0qOIBhBhEiwAyvVcfxId9xJSempp8ZAVF9xc5tAKNhTlduGbIw_r_2Qa4INLcFvACt0j3xoCDS8QAvD_BwE&utmht=1628021266722&utmac=UA-531711-1&utmcc=__utma%3D93021518.2030053969.1628021267.1628021267.1628021267.1%3B%2B__utmz%3D93021518.1628021267.1.1.utmgclid%3DCjwKCAjw0qOIBhBhEiwAyvVcfxId9xJSempp8ZAVF9xc5tAKNhTlduGbIw_r_2Qa4INLcFvACt0j3xoCDS8QAvD_BwE%7Cutmccn%3D(not%2520set)%7Cutmcmd%3D(not%2520set)%3B&utmjid=1128079506&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-531711-1&cid=2030053969.1628021267&jid=1128079506&_v=5.7.2&z=1187658736 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-531711-1&cid=2030053969.1628021267&jid=1128079506&_v=5.7.2&z=1187658736 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-531711-1&cid=2030053969.1628021267&jid=1128079506&_v=5.7.2&z=1187658736&slf_rd=1&random=3599656751

14 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Cookie set /
blackoxide.epi.com/
30 KB
8 KB
Document
General
Full URL
http://blackoxide.epi.com/?gclid=CjwKCAjw0qOIBhBhEiwAyvVcfxId9xJSempp8ZAVF9xc5tAKNhTlduGbIw_r_2Qa4INLcFvACt0j3xoCDS8QAvD_BwE
Protocol
HTTP/1.1
Server
157.55.194.28 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
f70f16ccd69f06e486327014c4da9c0a951d34fcae3dba57ddcc14b28404995d

Request headers

Host
blackoxide.epi.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Cache-Control
private
Content-Type
text/html; charset=utf-8
Content-Encoding
gzip
Vary
Accept-Encoding
Server
Microsoft-IIS/8.5
X-AspNetMvc-Version
3.0
X-AspNet-Version
4.0.30319
Set-Cookie
__lndr=29756=79024.aeb5649a-a59f-43a2-b1bd-0def9e6956fa.0.; expires=Wed, 03-Aug-2022 20:07:46 GMT; path=/
X-Powered-By
ASP.NET
Date
Tue, 03 Aug 2021 20:07:46 GMT
Content-Length
8280
Cookie set lndr.css
blackoxide.epi.com/css/
14 B
527 B
Stylesheet
General
Full URL
http://blackoxide.epi.com/css/lndr.css?r=0.887437106057739
Requested by
Host: blackoxide.epi.com
URL: http://blackoxide.epi.com/?gclid=CjwKCAjw0qOIBhBhEiwAyvVcfxId9xJSempp8ZAVF9xc5tAKNhTlduGbIw_r_2Qa4INLcFvACt0j3xoCDS8QAvD_BwE
Protocol
HTTP/1.1
Server
157.55.194.28 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
392dd1baa335e2d7004408090c86177f3e8e36aabd5e5837ad8d458b3165c8ce

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
blackoxide.epi.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://blackoxide.epi.com/?gclid=CjwKCAjw0qOIBhBhEiwAyvVcfxId9xJSempp8ZAVF9xc5tAKNhTlduGbIw_r_2Qa4INLcFvACt0j3xoCDS8QAvD_BwE
Cookie
__lndr=29756=79024.aeb5649a-a59f-43a2-b1bd-0def9e6956fa.0.
Connection
keep-alive
Cache-Control
no-cache
Referer
http://blackoxide.epi.com/?gclid=CjwKCAjw0qOIBhBhEiwAyvVcfxId9xJSempp8ZAVF9xc5tAKNhTlduGbIw_r_2Qa4INLcFvACt0j3xoCDS8QAvD_BwE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 03 Aug 2021 20:07:46 GMT
Content-Encoding
gzip
X-AspNetMvc-Version
3.0
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
private
Set-Cookie
__lndr=29756=79024.aeb5649a-a59f-43a2-b1bd-0def9e6956fa.1.; expires=Wed, 03-Aug-2022 20:07:46 GMT; path=/
Content-Length
131
reset.css
blackoxide.epi.com/Content/
561 B
835 B
Stylesheet
General
Full URL
http://blackoxide.epi.com/Content/reset.css?v=20180925055025
Requested by
Host: blackoxide.epi.com
URL: http://blackoxide.epi.com/?gclid=CjwKCAjw0qOIBhBhEiwAyvVcfxId9xJSempp8ZAVF9xc5tAKNhTlduGbIw_r_2Qa4INLcFvACt0j3xoCDS8QAvD_BwE
Protocol
HTTP/1.1
Server
157.55.194.28 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
74ec9c01ab57b1307daede89664d11c7648ee249f32230ab956bcf8bf3140976

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
blackoxide.epi.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://blackoxide.epi.com/?gclid=CjwKCAjw0qOIBhBhEiwAyvVcfxId9xJSempp8ZAVF9xc5tAKNhTlduGbIw_r_2Qa4INLcFvACt0j3xoCDS8QAvD_BwE
Cookie
__lndr=29756=79024.aeb5649a-a59f-43a2-b1bd-0def9e6956fa.0.
Connection
keep-alive
Cache-Control
no-cache
Referer
http://blackoxide.epi.com/?gclid=CjwKCAjw0qOIBhBhEiwAyvVcfxId9xJSempp8ZAVF9xc5tAKNhTlduGbIw_r_2Qa4INLcFvACt0j3xoCDS8QAvD_BwE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 03 Aug 2021 20:07:46 GMT
Content-Encoding
gzip
ETag
"67c932a89354d41:0"
Last-Modified
Tue, 25 Sep 2018 05:50:25 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
502
Expires
Tue, 19 Jan 2038 03:14:07 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.7.2/
93 KB
34 KB
Script
General
Full URL
http://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js
Requested by
Host: blackoxide.epi.com
URL: http://blackoxide.epi.com/?gclid=CjwKCAjw0qOIBhBhEiwAyvVcfxId9xJSempp8ZAVF9xc5tAKNhTlduGbIw_r_2Qa4INLcFvACt0j3xoCDS8QAvD_BwE
Protocol
HTTP/1.1
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://blackoxide.epi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 02 Aug 2021 13:14:56 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Age
111170
Content-Security-Policy-Report-Only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy
cross-origin
Content-Length
33845
X-XSS-Protection
0
Last-Modified
Tue, 03 Mar 2020 19:15:00 GMT
Server
sffe
Vary
Accept-Encoding
Content-Type
text/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Expires
Tue, 02 Aug 2022 13:14:56 GMT
Lander.LinkTracking.js
blackoxide.epi.com/Scripts/
3 KB
1 KB
Script
General
Full URL
http://blackoxide.epi.com/Scripts/Lander.LinkTracking.js?v=20180323050616
Requested by
Host: blackoxide.epi.com
URL: http://blackoxide.epi.com/?gclid=CjwKCAjw0qOIBhBhEiwAyvVcfxId9xJSempp8ZAVF9xc5tAKNhTlduGbIw_r_2Qa4INLcFvACt0j3xoCDS8QAvD_BwE
Protocol
HTTP/1.1
Server
157.55.194.28 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
db739021e4c0b3ceeb58dbb6371640e0723a8dc47daf5c273478ee9c6014a65b

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
blackoxide.epi.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
*/*
Referer
http://blackoxide.epi.com/?gclid=CjwKCAjw0qOIBhBhEiwAyvVcfxId9xJSempp8ZAVF9xc5tAKNhTlduGbIw_r_2Qa4INLcFvACt0j3xoCDS8QAvD_BwE
Cookie
__lndr=29756=79024.aeb5649a-a59f-43a2-b1bd-0def9e6956fa.0.
Connection
keep-alive
Cache-Control
no-cache
Referer
http://blackoxide.epi.com/?gclid=CjwKCAjw0qOIBhBhEiwAyvVcfxId9xJSempp8ZAVF9xc5tAKNhTlduGbIw_r_2Qa4INLcFvACt0j3xoCDS8QAvD_BwE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 03 Aug 2021 20:07:46 GMT
Content-Encoding
gzip
ETag
"9d713eac64c2d31:0"
Last-Modified
Fri, 23 Mar 2018 05:06:16 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
1011
Expires
Tue, 19 Jan 2038 03:14:07 GMT
widgets.js
platform.twitter.com/
96 KB
29 KB
Script
General
Full URL
http://platform.twitter.com/widgets.js
Requested by
Host: blackoxide.epi.com
URL: http://blackoxide.epi.com/?gclid=CjwKCAjw0qOIBhBhEiwAyvVcfxId9xJSempp8ZAVF9xc5tAKNhTlduGbIw_r_2Qa4INLcFvACt0j3xoCDS8QAvD_BwE
Protocol
HTTP/1.1
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6762) /
Resource Hash
8db61f95a8f3554830efc6c3942b7322efef09b9d7f0cbfe32135e0fac106d18

Request headers

Referer
http://blackoxide.epi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 03 Aug 2021 20:07:46 GMT
Content-Encoding
gzip
Last-Modified
Mon, 02 Aug 2021 20:34:57 GMT
Server
ECS (frb/6762)
Age
480
Etag
"d405b816322f9770c70cbd10cfa87be4+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=1800
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
28872
image_0e1a9dff-4b37-4172-9cb9-df3389402e45_
landerstorage.blob.core.windows.net/lander-user-images/LanderUserGallery_19939/
8 KB
9 KB
Image
General
Full URL
http://landerstorage.blob.core.windows.net/lander-user-images/LanderUserGallery_19939/image_0e1a9dff-4b37-4172-9cb9-df3389402e45_
Requested by
Host: blackoxide.epi.com
URL: http://blackoxide.epi.com/?gclid=CjwKCAjw0qOIBhBhEiwAyvVcfxId9xJSempp8ZAVF9xc5tAKNhTlduGbIw_r_2Qa4INLcFvACt0j3xoCDS8QAvD_BwE
Protocol
HTTP/1.1
Server
52.239.158.138 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
013cf985a7404043d83895351cbd2b3a3cfcf13b3598bc13e6b88c6b72f220e7

Request headers

Referer
http://blackoxide.epi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Tue, 03 Aug 2021 20:07:46 GMT
Last-Modified
Tue, 02 Jul 2013 19:39:34 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag
0x8D0457303E3798C
Content-Type
image/png
x-ms-request-id
2de279fc-001e-00d6-3aa3-886541000000
x-ms-version
2009-09-19
Content-Length
8600
image_a4cbf994-d156-426f-8090-c5cee3a28fdf_
landerstorage.blob.core.windows.net/lander-user-images/LanderUserGallery_19939/
24 KB
24 KB
Image
General
Full URL
http://landerstorage.blob.core.windows.net/lander-user-images/LanderUserGallery_19939/image_a4cbf994-d156-426f-8090-c5cee3a28fdf_
Requested by
Host: blackoxide.epi.com
URL: http://blackoxide.epi.com/?gclid=CjwKCAjw0qOIBhBhEiwAyvVcfxId9xJSempp8ZAVF9xc5tAKNhTlduGbIw_r_2Qa4INLcFvACt0j3xoCDS8QAvD_BwE
Protocol
HTTP/1.1
Server
52.239.158.138 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
ddd85b1435c647f186993a584f8601eefd0eeb267b8920a516e0ebf9daa397ce

Request headers

Referer
http://blackoxide.epi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Tue, 03 Aug 2021 20:07:46 GMT
Last-Modified
Fri, 27 Sep 2013 17:23:26 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag
0x8D089BD68EBD89E
Content-Type
image/jpeg
x-ms-request-id
fb0a137e-201e-00ac-0ea3-880f0c000000
x-ms-version
2009-09-19
Content-Length
24642
visitor.js
app.leadsrx.com/
16 KB
17 KB
Script
General
Full URL
http://app.leadsrx.com/visitor.js
Requested by
Host: blackoxide.epi.com
URL: http://blackoxide.epi.com/?gclid=CjwKCAjw0qOIBhBhEiwAyvVcfxId9xJSempp8ZAVF9xc5tAKNhTlduGbIw_r_2Qa4INLcFvACt0j3xoCDS8QAvD_BwE
Protocol
HTTP/1.1
Server
44.240.196.88 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-240-196-88.us-west-2.compute.amazonaws.com
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40 /
Resource Hash
0744184a06c1c638519583ffd097ac94380d7a8e2a6ce3f8be92de87755fa75a

Request headers

Referer
http://blackoxide.epi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 03 Aug 2021 20:07:46 GMT
Last-Modified
Tue, 03 Aug 2021 13:56:04 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40
ETag
"40ef-5c8a80bf9368f"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
16623
ga.js
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/ga.js
  • https://www.google-analytics.com/ga.js
45 KB
17 KB
Script
General
Full URL
https://www.google-analytics.com/ga.js
Requested by
Host: blackoxide.epi.com
URL: http://blackoxide.epi.com/?gclid=CjwKCAjw0qOIBhBhEiwAyvVcfxId9xJSempp8ZAVF9xc5tAKNhTlduGbIw_r_2Qa4INLcFvACt0j3xoCDS8QAvD_BwE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://blackoxide.epi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 13 Jul 2021 18:24:06 GMT
server
Golfe2
age
2424
date
Tue, 03 Aug 2021 19:27:22 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17168
expires
Tue, 03 Aug 2021 21:27:22 GMT

Redirect headers

Location
https://www.google-analytics.com/ga.js
Non-Authoritative-Reason
HSTS
widget_iframe.f88235f49a156f8b4cab34c7bc1a0acc.html
platform.twitter.com/widgets/ Frame 9D12
319 KB
103 KB
Document
General
Full URL
https://platform.twitter.com/widgets/widget_iframe.f88235f49a156f8b4cab34c7bc1a0acc.html?origin=http%3A%2F%2Fblackoxide.epi.com
Requested by
Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6724) /
Resource Hash
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Host
platform.twitter.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
http://blackoxide.epi.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://blackoxide.epi.com/

Response headers

Content-Encoding
gzip
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
84567
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Tue, 03 Aug 2021 20:07:46 GMT
Etag
"8321d7cf58d70200c1423dfa0bca40f6+gzip"
Last-Modified
Mon, 02 Aug 2021 20:33:53 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/6724)
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
Content-Length
105433
ga-audiences
www.google.de/ads/
Redirect Chain
  • http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1187658736&utmhn=blackoxide.epi.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Ko...
  • https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1187658736&utmhn=blackoxide.epi.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=K...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-531711-1&cid=2030053969.1628021267&jid=1128079506&_v=5.7.2&z=1187658736
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-531711-1&cid=2030053969.1628021267&jid=1128079506&_v=5.7.2&z=1187658736
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-531711-1&cid=2030053969.1628021267&jid=1128079506&_v=5.7.2&z=1187658736&slf_rd=1&random=3599656751
42 B
107 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-531711-1&cid=2030053969.1628021267&jid=1128079506&_v=5.7.2&z=1187658736&slf_rd=1&random=3599656751
Requested by
Host: blackoxide.epi.com
URL: http://blackoxide.epi.com/?gclid=CjwKCAjw0qOIBhBhEiwAyvVcfxId9xJSempp8ZAVF9xc5tAKNhTlduGbIw_r_2Qa4INLcFvACt0j3xoCDS8QAvD_BwE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://blackoxide.epi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Aug 2021 20:07:46 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 03 Aug 2021 20:07:46 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/html; charset=UTF-8
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-531711-1&cid=2030053969.1628021267&jid=1128079506&_v=5.7.2&z=1187658736&slf_rd=1&random=3599656751
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
settings
syndication.twitter.com/ Frame 9D12
233 B
433 B
Fetch
General
Full URL
https://syndication.twitter.com/settings?session_id=813b4f5c06debfcdd6b5ae245040704807372247
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.f88235f49a156f8b4cab34c7bc1a0acc.html?origin=http%3A%2F%2Fblackoxide.epi.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.136 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
2816082c025f64540b613fde3096d814ae21ac75279461ec1d6bcb5c07099fdd
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 20:07:46 GMT
content-encoding
gzip
last-modified
Tue, 03 Aug 2021 20:07:46 GMT
server
tsa_o
vary
Origin
strict-transport-security
max-age=631138519
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
x-connection-hash
ed117088d91c9a13135c0f429f72eaf8e3b8125b9736b7877a53f3640bf63a27
content-length
167
visitor.php
app.leadsrx.com/
52 B
265 B
XHR
General
Full URL
https://app.leadsrx.com/visitor.php?acctTag=LANDER-19939&tz=-120&ref=&u=http%3A%2F%2Fblackoxide.epi.com%2F%3Fgclid%3DCjwKCAjw0qOIBhBhEiwAyvVcfxId9xJSempp8ZAVF9xc5tAKNhTlduGbIw_r_2Qa4INLcFvACt0j3xoCDS8QAvD_BwE&t=Kool%20Black&lc=null&anon=0&vin=null
Requested by
Host: app.leadsrx.com
URL: http://app.leadsrx.com/visitor.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.240.196.88 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-240-196-88.us-west-2.compute.amazonaws.com
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40 / PHP/5.6.40
Resource Hash
88a9119add96be93deaac20942f4d307f32b57330063558c5e8b24e1f608add9

Request headers

Referer
http://blackoxide.epi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
http://blackoxide.epi.com
date
Tue, 03 Aug 2021 20:07:47 GMT
access-control-allow-credentials
true
server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40
x-powered-by
PHP/5.6.40
content-length
52
content-type
text/html; charset=utf-8

47 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated string| _lander_landingPageUrl function| $ function| jQuery object| _lab object| __twttrll object| twttr object| __twttr object| _gaq object| addthis_config object| jQuery172005817283679902574 object| _gat object| gaGlobal function| _lrx_storageAvailable undefined| _lrx_success_delay undefined| _lrx_successTrig_delay undefined| _lrx_successLeads undefined| _lrx_successTrigs undefined| _lrx_conversionTimer object| _lrx_docCookies function| _lrx_buildCookie function| _lrx_isJSON function| _lrx_setup function| _lrx_hs_get_visitorid function| _lrx_sendEvent function| isSuccessMessage function| isSuccessMessageTrig function| ninjaForm function| _lrx_checkConversion function| _lrx_mkto_submit undefined| _lrx_mktoTimer undefined| _lrx_visitorID number| _lrx_maxChecks object| _lrx_mkto number| _lrx_delay function| _lrx_getUrlParameter undefined| lrx_newCSS undefined| lrx_styles object| optimizely

7 Cookies

Domain/Path Name / Value
.blackoxide.epi.com/ Name: __utmb
Value: 93021518.1.10.1628021267
.blackoxide.epi.com/ Name: _gac_UA-531711-1
Value: 1.1628021267.CjwKCAjw0qOIBhBhEiwAyvVcfxId9xJSempp8ZAVF9xc5tAKNhTlduGbIw_r_2Qa4INLcFvACt0j3xoCDS8QAvD_BwE
.blackoxide.epi.com/ Name: __utmz
Value: 93021518.1628021267.1.1.utmgclid=CjwKCAjw0qOIBhBhEiwAyvVcfxId9xJSempp8ZAVF9xc5tAKNhTlduGbIw_r_2Qa4INLcFvACt0j3xoCDS8QAvD_BwE|utmccn=(not%20set)|utmcmd=(not%20set)
.blackoxide.epi.com/ Name: __utmc
Value: 93021518
.blackoxide.epi.com/ Name: __utmt
Value: 1
.blackoxide.epi.com/ Name: __utma
Value: 93021518.2030053969.1628021267.1628021267.1628021267.1
blackoxide.epi.com/ Name: __lndr
Value: 29756=79024.aeb5649a-a59f-43a2-b1bd-0def9e6956fa.1.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
